Facebook fulfils pledge to invest $1 million in cybersecurity research

Amid a tornado of public contempt, social media behemoth attempts to salvage its reputation

17th August 2018

Facebook has fulfilled its pledge to invest in cybersecurity research that aims to help improve the security of the internet. The social media giant announced the allocation of funds this month, awarding $1 million in prizes and grants.

Last year, Facebook Chief Security Officer Alex Stamos pledged to provide $1 million in grants to support cybersecurity research. On August 16th, the company announced that it would be awarding $200,000 to three research groups.

Facebook will award the $200,000 at the USENIX Security Symposium in Baltimore. This will supplement the $800,000 worth of grants that Facebook announced at the Black Hat USA conference on the 8th August.

“This work enables important improvements in the way browsers prevent cross-site attacks and third-party tracking through cookies,” Facebook stated in a post announcing the top prize winner at USENIX. “We believe that improving these safeguards is critical to user privacy on the web.”

A KU Leuven paper titled “Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies” received the largest prize. The academics Gertjan Franken, Tom Van Goethem and Wouter Joosen secured $100,000 for their research.

The paper stated “although protected by the Same Origin Policy, popular browsers include cookies in all requests, even when these are cross-site.” “Unfortunately, these third-party cookies enable both cross-site attacks and third-party tracking.”

A team of researchers from Brigham Young University received $60,000. Their paper titled “The Secure Socket API: TLS as an Operating System Service” came second place.

“This work provides a prototype implementation that makes it easier for application developers to make appropriate use of cryptography,” Facebook insisted. “We believe safe-by-default libraries and frameworks are an important foundation for more secure software.”

The company awarded third place to a team from The Chinese University of Hong Kong and Sangfor Technologies. Their research report “Vetting Single Sign-On SDK Implementations via Symbolic Reasoning,” produced a code that is widely used, ensuring safety for users online.

The data harvesting controversy catalysed a major blow to Facebook’s share price. The company’s share price dropped by more than 20% last month, resulting in a loss of over $120 billion.

Following the GDPR disaster, Facebook is now demonstrating a commitment to improving user safety on the web. Last month, the company also announced that they would be acquiring an AI firm to tackle fake news on its social network platform.

Ravi Naik, a representative at the law firm representing a group of UK claimants, outlined the repercussions of Facebook’s misconduct. He said “there’s one economic consequence of what they’ve done…but there’s a human consequence as well.”

The world’s biggest social network has already suffered massive financial consequences for its sins. Amid a tornado of public contempt, the mission to salvage Facebook’s brand reputation continues.